<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <title>Choose the server variable</title>
    <link rel="Stylesheet" href="../PageActionEditor.css" type="text/css" />
    <style type="text/css">
    div.Contents {
        width: 446px; 
        height: 500px; 
    }
    </style>
    <script type="text/javascript">
        function UpdateKeyField(key) {
            var obj = dialogArguments;
            obj.value = key.innerText;
            self.close();
        }

        function Init() {
            document.body.onkeypress = function() {
                if (window.event.keyCode == 27)
                    self.close();
            }
        }        
    </script>
</head>
<body onload="Init()">
    <div class="Contents">
        <div class="ContentArea">
            <table>
                <tr>
                    <th>
                        <p>
                            Variable</p>
                    </th>
                    <th>
                        <p>
                            Description</p>
                    </th>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">ALL_HTTP</a></p>
                    </td>
                    <td>
                        <p>All HTTP headers sent by the client.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">ALL_RAW</a></p>
                    </td>
                    <td>
                        <p>
                            Retrieves all headers in raw form. The difference between ALL_RAW and ALL_HTTP is
                            that ALL_HTTP places an HTTP_ prefix before the header name and the header name
                            is always capitalized. In ALL_RAW the header name and values appear as they are
                            sent by the client.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">APP_POOL_ID</a></p>
                    </td>
                    <td>
                        <p>
                            Returns the name of the application pool that is running in the IIS worker process
                            that is handling the request.
                        </p>
                        <p>
                            There is also an APP_POOL_ID environment variable that is available to applications
                            that are running in the IIS worker process.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">APPL_MD_PATH</a></p>
                    </td>
                    <td>
                        <p>
                            Retrieves the metabase path of the application.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">APPL_PHYSICAL_PATH</a></p>
                    </td>
                    <td>
                        <p>
                            Retrieves the physical path corresponding to the metabase path in APPL_MD_PATH.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">AUTH_PASSWORD</a></p>
                    </td>
                    <td>
                        <p>
                            The value entered in the client's authentication dialog. This variable is available
                            only if Basic authentication is used.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">AUTH_TYPE</a></p>
                    </td>
                    <td>
                        <p>
                            The authentication method that the server uses to validate users when they attempt
                            to access a protected script.</p>
                        <p>
                            It does not mean that the user was authenticated if AUTH_TYPE contains a value and
                            the authentication scheme is not Basic or integrated Windows authentication. The
                            server allows authentication schemes it does not natively support because an ISAPI
                            filter may be able to handle that particular scheme.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">AUTH_USER</a></p>
                    </td>
                    <td>
                        <p>
                            The name of the user as it is derived from the authorization header sent by the
                            client, before the user name is mapped to a Windows account. This variable is no
                            different from REMOTE_USER. If you have an authentication filter installed on your
                            Web server that maps incoming users to accounts, use LOGON_USER to view the mapped
                            user name.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">CERT_COOKIE</a></p>
                    </td>
                    <td>
                        <p>
                            Unique ID for the client certificate, returned as a string. This can be used as
                            a signature for the whole client certificate.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">CERT_FLAGS</a></p>
                    </td>
                    <td>
                        <p>
                            <strong>bit0</strong> is set to 1 if the client certificate is present.
                        </p>
                        <p>
                            <strong>bit1</strong> is set to 1 if the certification authority of the
                            client certificate is invalid (that is, it is not in the list of recognized certification
                            authorities on the server).</p>
                        <p>
                            If bit 1 of CERT_FLAGS is set to 1, indicating that the certificate is invalid,
                            IIS version 4.0 and later will reject the certificate. Earlier versions of IIS will
                            not reject the certificate.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">CERT_ISSUER</a></p>
                    </td>
                    <td>
                        <p>
                            Issuer field of the client certificate (O=MS, OU=IAS, CN=user name, C=USA).</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">CERT_KEYSIZE</a></p>
                    </td>
                    <td>
                        <p>
                            Number of bits in the Secure Sockets Layer (SSL) connection key size. For example,
                            128.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">CERT_SECRETKEYSIZE</a></p>
                    </td>
                    <td>
                        <p>
                            Number of bits in server certificate private key. For example, 1024.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">CERT_SERIALNUMBER</a></p>
                    </td>
                    <td>
                        <p>
                            Serial number field of the client certificate.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">CERT_SERVER_ISSUER</a></p>
                    </td>
                    <td>
                        <p>
                            Issuer field of the server certificate.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">CERT_SERVER_SUBJECT</a></p>
                    </td>
                    <td>
                        <p>
                            Subject field of the server certificate.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">CERT_SUBJECT</a></p>
                    </td>
                    <td>
                        <p>
                            Subject field of the client certificate.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">CONTENT_LENGTH</a></p>
                    </td>
                    <td>
                        <p>
                            The length of the content as given by the client.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">CONTENT_TYPE</a></p>
                    </td>
                    <td>
                        <p>
                            The data type of the content. Used with queries that have attached information,
                            such as the HTTP queries <strong>GET</strong>, <strong>POST</strong>, and <strong>PUT</strong>.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">GATEWAY_INTERFACE</a></p>
                    </td>
                    <td>
                        <p>
                            The revision of the CGI specification used by the server. The format is CGI/revision.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HEADER_</a><em>&lt;HeaderName&gt;</em></p>
                    </td>
                    <td>
                        <p>
                            The value stored in the header <em>&lt;HeaderName&gt;</em>.
                            Any header other than those listed in this table must be preceded by "HEADER_" in
                            order for the <strong>ServerVariables</strong> collection to retrieve its value.
                            This is useful for retrieving custom headers.
                        </p>
                            Unlike HTTP_<em>&lt;HeaderName&gt;</em>,
                                        all characters in HEADER_<em>&lt;HeaderName&gt;</em> are interpreted
                                        as-is. For example, if you specify HEADER_MY_HEADER, the server searches for a request
                                        header named MY_HEADER.
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTP_</a><em>&lt;HeaderName&gt;</em></p>
                    </td>
                    <td>
                        <p>
                            The value stored in the header <em>&lt;HeaderName&gt;</em>.
                            Any header other than those listed in this table must be preceded by "HTTP_" in
                            order for the <strong>ServerVariables</strong> collection to retrieve its value.
                            This is useful for retrieving custom headers.
                        </p>
                                    The server interprets any underscore (_) characters in
                                        <em>&lt;HeaderName&gt;</em> as dashes in the actual header.
                                        For example, if you specify HTTP_MY_HEADER, the server searches for a request header
                                        named MY-HEADER.
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTP_ACCEPT</a></p>
                    </td>
                    <td>
                        <p>
                            Returns the value of the Accept header that contains a list of accepted formats,
                            for example, "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel".</p>
                        <p>
                            The values of the fields for the HTTP_ACCEPT variable are concatenated, and separated
                            by a comma (,).</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTP_ACCEPT_ENCODING</a></p>
                    </td>
                    <td>
                        <p>
                            Returns a list of accepted encoding types, for example, "gzip, deflate".</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTP_ACCEPT_LANGUAGE</a></p>
                    </td>
                    <td>
                        <p>
                            Returns a string describing the language to use for displaying content.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTP_CONNECTION</a></p>
                    </td>
                    <td>
                        <p>
                            Returns a string describing the connection type, for example, "Keep-Alive".</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTP_COOKIE</a></p>
                    </td>
                    <td>
                        <p>
                            Returns the cookie string that was included with the request.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTP_HOST</a></p>
                    </td>
                    <td>
                        <p>
                            Returns the name of the Web server. This may or may not be the same as SERVER_NAME
                            depending on type of name resolution you are using on your Web server (IP address,
                            host header).</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTP_METHOD</a></p>
                    </td>
                    <td>
                        <p>
                            The method used to make the request (same as REQUEST_METHOD).</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTP_REFERER</a></p>
                    </td>
                    <td>
                        <p>
                            Returns a string that contains the URL of the page that referred the request to
                            the current page using an HTML &lt;A&gt; tag. Note that the URL is the one that
                            the user typed into the browser address bar, which may not include the name of a
                            default document.</p>
                        <p>
                            If the page is redirected, HTTP_REFERER is empty.</p>
                        <p>
                            HTTP_REFERER is not a mandatory member of the HTTP specification.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTP_URL</a></p>
                    </td>
                    <td>
                        <p>
                            Returns the raw, encoded URL, for example, "/vdir/default.asp?querystring".</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTP_USER_AGENT</a></p>
                    </td>
                    <td>
                        <p>
                            Returns a string describing the browser that sent the request.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTP_VERSION</a></p>
                    </td>
                    <td>
                        <p>
                            The name and version of the request protocol (the raw form of SERVER_PROTOCOL).</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTPS</a></p>
                    </td>
                    <td>
                        <p>
                            Returns ON if the request came in through a secure channel (for example, SSL); or
                            it returns OFF, if the request is for an insecure channel.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTPS_KEYSIZE</a></p>
                    </td>
                    <td>
                        <p>
                            Number of bits in the SSL connection key size. For example, 128.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTPS_SECRETKEYSIZE</a></p>
                    </td>
                    <td>
                        <p>
                            Number of bits in the server certificate private key. For example, 1024.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTPS_SERVER_ISSUER</a></p>
                    </td>
                    <td>
                        <p>
                            Issuer field of the server certificate.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">HTTPS_SERVER_SUBJECT</a></p>
                    </td>
                    <td>
                        <p>
                            Subject field of the server certificate.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">INSTANCE_ID</a></p>
                    </td>
                    <td>
                        <p>
                            The ID for the IIS instance in textual format. If the instance ID is 1, it appears
                            as a string. You can use this variable to retrieve the ID of the Web server instance
                            (in the metabase) to which the request belongs.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">INSTANCE_META_PATH</a></p>
                    </td>
                    <td>
                        <p>
                            The metabase path for the instance of IIS that responds to the request.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">LOCAL_ADDR</a></p>
                    </td>
                    <td>
                        <p>
                            Returns the server address on which the request came in. This is important on computers
                            where there can be multiple IP addresses bound to the computer, and you want to
                            find out which address the request used.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">LOGON_USER</a></p>
                    </td>
                    <td>
                        <p>
                            The Windows account that the user is impersonating while connected to your Web server.
                            Use REMOTE_USER, UNMAPPED_REMOTE_USER, or AUTH_USER to view the raw user name that
                            is contained in the request header. The only time LOGON_USER holds a different value
                            than these other variables is if you have an authentication filter installed.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">PATH_INFO</a></p>
                    </td>
                    <td>
                        <p>
                            Path information, as given by the client, for example, "/vdir/myisapi.dll/zip".
                            If this information comes from a URL, it is decoded by the server before it is passed
                            to the CGI script or ISAPI filter.
                        </p>
                        <p>
                            If the <strong>AllowPathInfoForScriptMappings</strong> metabase property is set to <strong>true</strong> (to support exclusive CGI functionality),
                            PATH_INFO will only contain "/zip" and ISAPI applications such as ASP will break.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">PATH_TRANSLATED</a></p>
                    </td>
                    <td>
                        <p>
                            The physical path that maps to the virtual path in PATH_INFO, for example, "c:\inetpub\wwwroot\vdir\myisapi.dll".
                            This variable is used by IIS during the processing of ISAPI applications.</p>
                        <p>
                            If the <strong>AllowPathInfoForScriptMappings</strong> metabase property is set to <strong>true</strong> (to support exclusive CGI functionality),
                            PATH_INFO will only contain "/zip" and ISAPI applications such as ASP will break.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">QUERY_STRING</a></p>
                    </td>
                    <td>
                        <p>
                            Query information stored in the string following the question mark (?) in the HTTP
                            request.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">REMOTE_ADDR</a></p>
                    </td>
                    <td>
                        <p>
                            The IP address of the remote host that is making the request.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">REMOTE_HOST</a></p>
                    </td>
                    <td>
                        <p>
                            The name of the host that is making the request. If the server does not have this
                            information, it will set REMOTE_ADDR and leave this empty.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">REMOTE_PORT</a></p>
                    </td>
                    <td>
                        <p>
                            The client port number of the TCP connection.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">REMOTE_USER</a></p>
                    </td>
                    <td>
                        <p>
                            The name of the user as it is derived from the authorization header sent by the
                            client, before the user name is mapped to a Windows account. If you have an authentication
                            filter installed on your Web server that maps incoming users to accounts, use LOGON_USER
                            to view the mapped user name.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">REQUEST_METHOD</a></p>
                    </td>
                    <td>
                        <p>
                            The method used to make the request. For HTTP, this can be <strong>GET</strong>,
                            <strong>HEAD</strong>, <strong>POST</strong>, and so on.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">SCRIPT_NAME</a></p>
                    </td>
                    <td>
                        <p>
                            A virtual path to the script being executed, for example, "/vdir/default.asp". This
                            is used for self-referencing URLs.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">SCRIPT_TRANSLATED</a></p>
                    </td>
                    <td>
                        <p>
                            The canonical physical path to the script listed in SCRIPT_NAME, for example, "\\?\c:\inetpub\wwwroot\vdir\default.asp".
                        </p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">SERVER_NAME</a></p>
                    </td>
                    <td>
                        <p>
                            The server's host name, DNS alias, or IP address as it would appear in self-referencing
                            URLs.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">SERVER_PORT</a></p>
                    </td>
                    <td>
                        <p>
                            The server port number to which the request was sent.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">SERVER_PORT_SECURE</a></p>
                    </td>
                    <td>
                        <p>
                            A string that contains either 0 or 1. If the request is being handled on the secure
                            port, then this is 1. Otherwise, it is 0.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">SERVER_PROTOCOL</a></p>
                    </td>
                    <td>
                        <p>
                            The name and revision of the request information protocol. The format is protocol/revision.
                            (The canonicalized form of HTTP_VERSION.)</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">SERVER_SOFTWARE</a></p>
                    </td>
                    <td>
                        <p>
                            The name and version of the server software that answers the request and runs the
                            gateway. The format is name/version.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">SSI_EXEC_DISABLED</a></p>
                    </td>
                    <td>
                        <p>
                            Returns a 1 if the server-side include directive, <strong>
                                #exec</strong>, is disabled. Otherwise, SSI_EXE_DISABLED returns a 0. To enable or
                            disable <strong>#exec</strong>, use the <strong>
                                    SSIExecDisable</strong> metabase property.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">UNENCODED_URL</a></p>
                    </td>
                    <td>
                        <p>
                            Returns the raw, unencoded URL, for example, "/vdir/default.asp?querystring".</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">UNICODE_</a><em>&lt;ServerVariable Name&gt;</em></p>
                    </td>
                    <td>
                        <p>
                            In unicode ISAPI applications only, it is possible to retrieve server variable values
                            as unicode values by prepending "UNICODE_" to the name of the server variable, unless
                            the variable starts with "HTTP_" or "HEADER_".
                        </p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">UNMAPPED_REMOTE_USER</a></p>
                    </td>
                    <td>
                        <p>
                            The name of the user as it is derived from the authorization header sent by the
                            client, before the user name is mapped to a Windows account (same as REMOTE_USER).
                            If you have an authentication filter installed on your Web server that maps incoming
                            users to accounts, use LOGON_USER to view the mapped user name.</p>
                    </td>
                </tr>
                <tr>
                    <td>
                        <p><a onclick="UpdateKeyField(this);" href="#">URL</a></p>
                    </td>
                    <td>
                        <p>
                            Gives the base portion of the URL, without any querystring or extra path information,
                            for example, "/vdir/default.asp".
                        </p>
                        <p>
                            For the raw URL, use HTTP_URL or UNENCODED_URL.</p>
                    </td>
                </tr>
            </table>
        </div>        
    </div>
    <div style="text-align: right; padding: 0px; padding-right: 3px; padding-top: 8px;">
        <input type="button" class="UserButton" value="Cancel" onclick="self.close()" />
    </div>
</body>
</html>
